Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD and STOP:c0000135 file %hs Error. Please help!!!


  • This topic is locked This topic is locked
2 replies to this topic

#1 dohc120

dohc120

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 14 November 2012 - 01:32 AM

Having a boot issue. Windows will not load, Safe mode will not boot, restore disabled. I have ran FRST and posted the log below. Thank you in advance for your help.





Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2012
Ran by SYSTEM at 13-11-2012 20:00:11
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [7284328 2011-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [317248 2011-10-17] (NVIDIA Corporation)
HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [4146848 2011-08-29] (Dell Inc.)
HKLM\...\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1580368 2010-11-03] (Logitech, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [514544 2010-11-17] ()
HKLM-x32\...\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [36760 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [815512 2012-01-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized [1446760 2012-01-06] (Garmin)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [Smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc [280824 2011-04-04] (Filefacts.net)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [1561768 2012-05-04] (Ask)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4297136 2012-10-30] (AVAST Software)
HKU\Mcx1-MININT-PHSTJVD\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-13] (Microsoft Corporation)
HKU\Stephen\...\Run: [Google Update] "C:\Users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-04-16] (Google Inc.)
HKU\Stephen\...\Run: [Akamai NetSession Interface] "C:\Users\Stephen\AppData\Local\Akamai\netsession_win.exe" [4441920 2012-10-09] (Akamai Technologies, Inc.)
HKU\Stephen\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd)
HKU\Stephen\...\Run: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C31T0RV05KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1 [2676584 2011-09-09] (Hewlett-Packard Co.)
HKU\Stephen\...\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent [x]
HKU\Stephen\...\Run: [GoogleChrome] C:\Users\Stephen\0.8447526189030169.exe [230400 2012-11-11] (www.WTPTD.com)
HKU\Stephen\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
AppInit_DLLs: C:\Windows\system32\nvinitx.dll
SubSystems: [Windows] ATTENTION! ====> ZeroAccess
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)

==================== Services (Whitelisted) ===================

2 Apache2.2; "C:\xampp\apache\bin\httpd.exe" -k runservice [18432 2011-09-10] (Apache Software Foundation)
2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44808 2012-10-30] (AVAST Software)
3 FileZilla Server; "C:\xampp\FileZillaFTP\FileZillaServer.exe" [630272 2011-06-07] (FileZilla Project)
2 McAfee SiteAdvisor Service; C:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [103472 2012-10-23] (McAfee, Inc.)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
2 mysql; C:\xampp\mysql\bin\mysqld.exe --defaults-file=C:\xampp\mysql\bin\my.ini mysql [5396 2012-05-30] ()
2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

==================== Drivers (Whitelisted) =====================

2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2012-05-07] (DT Soft Ltd)
1 pfmfs_463; C:\Windows\System32\Drivers\pfmfs_463.sys [249704 2010-07-07] (Pismo Technic Inc.)

==================== NetSvcs (Whitelisted) ====================

NETSVC: l8042pr2 -> No ServiceDLL Path.

==================== One Month Created Files and Folders ========

2012-11-13 19:59 - 2012-11-13 19:59 - 00000000 ____D C:\FRST
2012-11-12 00:10 - 2012-11-12 00:10 - 00001964 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-11-12 00:10 - 2012-11-12 00:10 - 00000350 ___AH C:\Windows\Tasks\avast! Emergency Update.job
2012-11-12 00:10 - 2012-11-12 00:10 - 00000000 ____D C:\Users\All Users\AVAST Software
2012-11-12 00:10 - 2012-11-12 00:10 - 00000000 ____D C:\Program Files\AVAST Software
2012-11-12 00:10 - 2012-11-12 00:10 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-11-12 00:10 - 2012-10-30 15:51 - 00984144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-11-12 00:10 - 2012-10-30 15:51 - 00370288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-11-12 00:10 - 2012-10-30 15:51 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-11-12 00:10 - 2012-10-30 15:51 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-11-12 00:10 - 2012-10-30 15:51 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-11-12 00:10 - 2012-10-30 15:51 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-11-12 00:10 - 2012-10-30 15:50 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-11-12 00:10 - 2012-10-30 15:50 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-11-12 00:10 - 2012-10-15 08:59 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2012-11-12 00:08 - 2012-11-12 00:09 - 97495576 ____A C:\Users\Stephen\Downloads\avast_free_antivirus_setup.exe
2012-11-11 23:22 - 2012-11-11 23:54 - 00000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2012-11-11 23:22 - 2012-11-11 23:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2012-11-11 23:22 - 2012-11-11 23:22 - 16409960 ____A (Safer Networking Limited ) C:\Users\Stephen\Downloads\spybotsd162.exe
2012-11-11 22:46 - 2012-11-11 22:46 - 00230400 ____A (www.WTPTD.com) C:\Users\Stephen\0.8447526189030169.exe
2012-11-10 23:17 - 2012-11-10 23:22 - 00000000 ____D C:\Users\Stephen\Downloads\People.Like.Us.2012.DVDRip.XviD-SPARKS
2012-11-10 13:23 - 2012-11-10 13:23 - 13857746 ____A C:\Users\Stephen\Desktop\verse1.wav
2012-11-10 13:04 - 2012-11-10 13:04 - 00001088 ____A C:\Users\Public\Desktop\Switch Sound File Converter.lnk
2012-11-10 13:04 - 2012-11-10 13:04 - 00001084 ____A C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2012-11-10 13:04 - 2012-11-10 13:04 - 00001046 ____A C:\Users\Public\Desktop\MixPad.lnk
2012-11-10 13:03 - 2012-11-10 13:03 - 00895096 ____A (NCH Software) C:\Users\Stephen\Downloads\wpsetup.exe
2012-11-01 20:30 - 2012-11-01 20:32 - 00000000 ____D C:\Users\Stephen\Desktop\e43 manuals
2012-10-30 20:19 - 2012-10-30 20:22 - 183730520 ____A C:\Users\Stephen\Downloads\How.I.Met.Your.Mother.S08E04.HDTV.x264-LOL.[VTV].mp4
2012-10-25 00:38 - 2012-10-25 00:39 - 02855612 ____A C:\Users\Stephen\Downloads\Bassnectar

==================== One Month Modified Files and Folders =======

2012-11-13 19:59 - 2012-11-13 19:59 - 00000000 ____D C:\FRST
2012-11-12 21:12 - 2010-11-20 19:47 - 00027954 ____A C:\Windows\PFRO.log
2012-11-12 00:10 - 2012-11-12 00:10 - 00001964 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-11-12 00:10 - 2012-11-12 00:10 - 00000350 ___AH C:\Windows\Tasks\avast! Emergency Update.job
2012-11-12 00:10 - 2012-11-12 00:10 - 00000000 ____D C:\Users\All Users\AVAST Software
2012-11-12 00:10 - 2012-11-12 00:10 - 00000000 ____D C:\Program Files\AVAST Software
2012-11-12 00:10 - 2012-11-12 00:10 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-11-12 00:09 - 2012-11-12 00:08 - 97495576 ____A C:\Users\Stephen\Downloads\avast_free_antivirus_setup.exe
2012-11-12 00:06 - 2009-07-13 21:13 - 00726316 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-11 23:58 - 2012-06-03 22:57 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-11-11 23:58 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-11 23:58 - 2009-07-13 20:51 - 00069018 ____A C:\Windows\setupact.log
2012-11-11 23:56 - 2012-04-16 19:38 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138071999-526773101-1787826281-1002UA.job
2012-11-11 23:54 - 2012-11-11 23:22 - 00000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2012-11-11 23:27 - 2012-11-11 23:22 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2012-11-11 23:22 - 2012-11-11 23:22 - 16409960 ____A (Safer Networking Limited ) C:\Users\Stephen\Downloads\spybotsd162.exe
2012-11-11 23:14 - 2012-02-09 23:12 - 01637266 ____A C:\Windows\WindowsUpdate.log
2012-11-11 23:14 - 2009-07-13 20:45 - 00021472 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-11 23:14 - 2009-07-13 20:45 - 00021472 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-11 23:08 - 2012-02-09 23:34 - 00000000 ____D C:\Users\All Users\Sonic
2012-11-11 22:50 - 2012-04-15 18:42 - 00000258 _RASH C:\Users\All Users\ntuser.pol
2012-11-11 22:46 - 2012-11-11 22:46 - 00230400 ____A (www.WTPTD.com) C:\Users\Stephen\0.8447526189030169.exe
2012-11-11 22:46 - 2012-02-21 09:16 - 00000000 ____D C:\users\Stephen
2012-11-11 22:38 - 2012-06-03 22:57 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-11-11 22:33 - 2012-04-03 10:09 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-11-11 06:38 - 2012-02-21 21:17 - 00000000 ____D C:\Users\Stephen\AppData\Roaming\uTorrent
2012-11-10 23:22 - 2012-11-10 23:17 - 00000000 ____D C:\Users\Stephen\Downloads\People.Like.Us.2012.DVDRip.XviD-SPARKS
2012-11-10 13:23 - 2012-11-10 13:23 - 13857746 ____A C:\Users\Stephen\Desktop\verse1.wav
2012-11-10 13:04 - 2012-11-10 13:04 - 00001088 ____A C:\Users\Public\Desktop\Switch Sound File Converter.lnk
2012-11-10 13:04 - 2012-11-10 13:04 - 00001084 ____A C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2012-11-10 13:04 - 2012-11-10 13:04 - 00001046 ____A C:\Users\Public\Desktop\MixPad.lnk
2012-11-10 13:04 - 2012-05-31 16:57 - 00000000 ____D C:\Users\Stephen\AppData\Roaming\NCH Software
2012-11-10 13:04 - 2012-05-31 16:57 - 00000000 ____D C:\Users\All Users\NCH Software
2012-11-10 13:04 - 2012-05-31 16:57 - 00000000 ____D C:\Program Files (x86)\NCH Software
2012-11-10 13:03 - 2012-11-10 13:03 - 00895096 ____A (NCH Software) C:\Users\Stephen\Downloads\wpsetup.exe
2012-11-10 10:56 - 2012-04-16 19:38 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138071999-526773101-1787826281-1002Core.job
2012-11-07 12:54 - 2012-02-09 23:39 - 00000000 ____D C:\Program Files (x86)\McAfee
2012-11-03 23:40 - 2012-04-25 22:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-03 17:59 - 2012-02-22 22:28 - 00000000 ____D C:\Users\Stephen\AppData\Roaming\Skype
2012-11-02 23:54 - 2012-05-30 14:42 - 00000000 ____D C:\Users\Stephen\Downloads\Movies and Shows
2012-11-02 21:09 - 2012-05-31 23:54 - 00000000 ____D C:\Users\Stephen\Desktop\Nate n stuff
2012-11-02 19:55 - 2012-02-21 09:19 - 00000000 ____D C:\Users\Stephen\AppData\Roaming\Mozilla
2012-11-01 20:32 - 2012-11-01 20:30 - 00000000 ____D C:\Users\Stephen\Desktop\e43 manuals
2012-10-30 20:22 - 2012-10-30 20:19 - 183730520 ____A C:\Users\Stephen\Downloads\How.I.Met.Your.Mother.S08E04.HDTV.x264-LOL.[VTV].mp4
2012-10-30 15:51 - 2012-11-12 00:10 - 00984144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-10-30 15:51 - 2012-11-12 00:10 - 00370288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-10-30 15:51 - 2012-11-12 00:10 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-10-30 15:51 - 2012-11-12 00:10 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-10-30 15:51 - 2012-11-12 00:10 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-10-30 15:51 - 2012-11-12 00:10 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-10-30 15:50 - 2012-11-12 00:10 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-10-30 15:50 - 2012-11-12 00:10 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-10-26 22:20 - 2012-10-13 22:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-10-25 00:39 - 2012-10-25 00:38 - 02855612 ____A C:\Users\Stephen\Downloads\Bassnectar
2012-10-24 18:17 - 2012-04-25 23:05 - 00000000 ____D C:\Users\Stephen\AppData\Local\Akamai
2012-10-15 08:59 - 2012-11-12 00:10 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 11%
Total physical RAM: 8086.17 MB
Available physical RAM: 7135.84 MB
Total Pagefile: 8084.32 MB
Available Pagefile: 7126.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (OSDisk) (Fixed) (Total:452.09 GB) (Free:142.09 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (DATAPART1) (Fixed) (Total:465.76 GB) (Free:136.27 GB) NTFS
3 Drive e: (Recovery) (Fixed) (Total:13.67 GB) (Free:6.66 GB) NTFS
4 Drive f: (WIN_7_HOMEPREMIUM) (CDROM) (Total:5.75 GB) (Free:0 GB) UDF
5 Drive g: (TOSHIBA) (Removable) (Total:7.45 GB) (Free:2.91 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 465 GB 0 B
Disk 2 Online 7643 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 452 GB 1024 KB
Partition 2 Primary 13 GB 452 GB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C OSDisk NTFS Partition 452 GB Healthy

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 E Recovery NTFS Partition 13 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 465 GB 1024 KB

==================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D DATAPART1 NTFS Partition 465 GB Healthy

=========================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7643 MB 31 KB

==================================================================================

Disk: 2
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G TOSHIBA FAT32 Removable 7643 MB Healthy

=========================================================

Last Boot: 2012-11-05 00:56

==================== End Of Log =============================

Edited by Orange Blossom, 14 November 2012 - 10:17 AM.
Moved to log forum. ~ OB


BC AdBot (Login to Remove)

 


#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:11:59 AM

Posted 14 November 2012 - 11:37 AM

Hello dohc120,

Welcome to the forum.

We will restore the system. At the same time we remove TeaTimer run entry as it might interfere with our fix. After booting normally you may uninstall Spybot - Search & Destroy. It is not as effective as it was once. But in case you wanted to keep it, you may install it again after we are done.

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
HKLM-x32\...\Run: [] [x]
HKU\Stephen\...\Run: [GoogleChrome] C:\Users\Stephen\0.8447526189030169.exe [230400 2012-11-11] (www.WTPTD.com)
2012-11-11 22:46 - 2012-11-11 22:46 - 00230400 ____A (www.WTPTD.com) C:\Users\Stephen\0.8447526189030169.exe
HKU\Stephen\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
SubSystems: [Windows] ATTENTION! ====> ZeroAccess
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
NETSVC: l8042pr2 -> No ServiceDLL Path.
end
Now please enter System Recovery Options and select Command Prompt.

Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Also restart, boot normally and tell me how it went.

#3 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:11:59 AM

Posted 17 November 2012 - 06:45 PM

This thread will now be closed due to lack of activity.

If you need this topic reopened, please send me a Private Message and I will reopen it for you.

If you should have a new issue, please start a new topic.

Every one else should start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users